[rancid] [PATCH] panos.pm: filter secrets
Anderson, Charles R
cra at wpi.edu
Wed Feb 20 19:40:34 UTC 2019
The attached patch filters out snmp-community-string and all "key " values (encryption/authentication keys for OSPF and other protocols, IPsec pre-shared-keys, etc.) in PanOS/Panorama configs and fixes the initial comment line to begin with # like all the other comments.
- !RANCID-CONTENT-TYPE: paloalto
+ #RANCID-CONTENT-TYPE: paloalto
- snmp-community-string XXXXXXXX;
+ # snmp-community-string <removed>;
- key XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX;
+ # key <removed>;
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
More information about the Rancid-discuss